- I am a security researcher and three letter agencies have talked to me more than a couple times about their interest in my work.
I got a used manual transmission easy to repair vehicle with no internet, no cell phone, I only use cash IRL, and the only device I travel with is a QubesOS laptop.
If the CIA wants to track me, they are going to have to work for it. I hope to waste as much of their time as possible.
- Just buy a range rover. Nobody can operate it. Not even the mechanic who is currently looking into it, again.
- I also want to takeover my phone, TV, and even my car.
- I always comment when people say how TV shows make hacking look so easy, that I think they're not too far off when the "hackers" are state-sponsored. Part of the benefit of compartmentalizing things like tool/exploit-dev from ops is you get good tooling that you just point and shoot and it mostly works.
With enterprise/corporate red-teaming you have to work for it a lot, update your tooling, attacks, etc... do a lot of recon. But even then, even in companies that take security seriously and pay for it too, experienced pros spend a few days and get domain-admin (or equivalent) half the time. And I'm talking about in 2025 with everyone and their mom running EDR that have only gotten better over time (in my opinion).
The CIA's tools probably don't have flashy graphics, but even the ones that were leaked a while ago give a good insight into things.
https://github.com/secoba/CIA-Hacking-Tools
I can imagine an experienced operator automating things quite a bit, and when you give them a target, they'll just run a few commands, wait a some time and get a shell with lots of powerful capabilities.
Matter of fact, I think they don't show enough "easy hacking" in the movies, where you take over hospitals, government agents, courts ,etc.. in a matter of minutes and start snooping around, or just wipe them out. That would feel unbelievable to movie/tv audiences so they lave it out.
- I'd be very interested to know what this community's view on Mr Kiriakou is
He shows up on Youtube a lot, and is always a great watch, but is he full of shit or what?
- I'm skeptical of some of this guy's stories.
In one interview he says that after being surveilled overseas for a while by an obvious amateur, he told the station chief who then gave him the OK to kill the guy.
Surely they would try evasion, counter-surveillance, or maybe even sending a team to grab the guy off the street to figure out who he is?
He claims the only reason he didn't kill the guy is because for some reason he randomly decided to mention it to a general in the local intelligence service, and then suddenly the tail vanished.
- 1. This news site is analogous to a tabloid. They're just rehashing info from K's appearance in a LADBible video: https://www.youtube.com/watch?v=BXtDH2IXKY8
2. While I don't even dislike the guy, let alone hate him, Kiriakou tends to make grandiose and controversial claims that get discredited.
3. Kiriakou hasn't been privvy to CIA tech since roughly 2004. Yes, before the era of modern smartphones, all devices were pwned. He's been doing the rounds on any podcast that will take him where he elaborates on these claims further and it's pretty clear that he doesn't have decent subject matter knowledge.
Can a lot of phones and TVs and cars be exploited? Yes. Keep your devices patched. And, don't do things that attract the CIA's attention enough that they're putting in the significant effort it takes to pwn your TV or car.
tl;dr: If you're in a position where the CIA is targeting you, worry.
- These three agencies are opposed to the public having access to appropriate cybersecurity: NSA, NIST, CIA. The goal of government should have been to boost the citizen's cybersecurity, but it is the opposite. Americans are worse off as a result.
- Top comments in this thread have a serious “my hands are registered as deadly weapons” energy to them. Nonsensical LARPing.
- My 1971 Ford truck accepts the challenge.
- is this post trying to bait us? has anyone seen through the history of this guy s claims? have they been like debunked anywhere?
- My taxes at work.
- This was all released many years ago in the Vault 7 drop. What's new here?